Single certificate service system and operational method thereof

US 9,130,927 B2
Filed: 07/02/2013
Issued: 09/08/2015
Est. Priority Date: 07/02/2012
Status: Active Grant

First Claim

Patent Images

1. A single sign-on service system, comprising:

a terminal thataccesses at least one of a plurality of application service servers according to a request for activating at least one of a plurality of applications, andreceives a service token used to operate the application service from each application service server on the basis of a single sign-on token without separately inputting sign-on information;

an application service server thatprovides data for operating the application service by the terminal having the service token, when a single sign-on message is received from the terminal,provides the single sign-on message to a single sign-on service server, when an integration service number is received from the single sign-on service server,creates the service token on the basis of the single sign-on token without separately checking sign-on information, andprovides the created service token and the data for operating the application service by the terminal to the terminal; and

the single sign-on service server thatprovides the single sign-on token to the terminal through the application service server when the single sign-on message received from the application service server is a single sign-on session request message, and provides the integration service to the application service server when the single sign-on message received from the application service server is a single sign-on session examination message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention discloses a single sign-on service system and its respective elements, and an operating method thereof. The single sign-on service system includes a terminal configured to access at least one of a plurality of application service servers according to a request for activating at least one of a plurality of applications, and receive a service token used to operate the application service from each application service servers on the basis of a single sign-on token without separately inputting sign-on information, an application service servers configured to provide data for operating the application service by the terminal having the service token and when a single sign-on message is received, provide the single sign-on message to a single sign-on service servers.

19 Citations

View as Search Results

13 Claims

1. A single sign-on service system, comprising:
- a terminal thataccesses at least one of a plurality of application service servers according to a request for activating at least one of a plurality of applications, andreceives a service token used to operate the application service from each application service server on the basis of a single sign-on token without separately inputting sign-on information;
  
  an application service server thatprovides data for operating the application service by the terminal having the service token, when a single sign-on message is received from the terminal,provides the single sign-on message to a single sign-on service server, when an integration service number is received from the single sign-on service server,creates the service token on the basis of the single sign-on token without separately checking sign-on information, andprovides the created service token and the data for operating the application service by the terminal to the terminal; and
  
  the single sign-on service server thatprovides the single sign-on token to the terminal through the application service server when the single sign-on message received from the application service server is a single sign-on session request message, and provides the integration service to the application service server when the single sign-on message received from the application service server is a single sign-on session examination message.

2. An application service server capable of supporting a single sign-on service, the application service server comprising:
- a first communication interface that receives integration ID login information or a single sign-on token-based session inquiry message from a specific application of a terminal;
  
  a first storage that stores data for supporting a specific application function of the terminal and a service token for operating the specific application function of the terminal; and
  
  a first controller that delivers a message for creating a single sign-on token to a single sign-on service server when the integration ID login information is received from the specific application, and when the session inquiry message is received, transmits the session inquiry message to the single sign-on service server, receives an integration service number associated with the session inquiry message from the single sign-on service server, creates the service token on the basis of the single sign-on token without separately checking sign-on information of the application, and then provides the service token to the specific application of the terminal.
- View Dependent Claims (3, 4, 5, 6, 7, 8)
- - 3. The application service server of claim 2, wherein the first controller controls delivery of a message corresponding to the integration ID login information or a message corresponding to the session inquiry message to the single sign-on service server, andwhen a single sign-on token and a one-time access key for acquiring single sign-on cookie information by the web browser are received from the single sign-on service server, the first controller controls delivery of the single sign-on token and the one-time access key to the application of the terminal.
  - 4. The application service server of claim 2, wherein, when the integration ID login information is received, the first controller controls creation of the service token on the basis of the single sign-on token provided by the single sign-on service server and provision of the single sign-on token, the service token, and the application function support data to the specific application of the terminal.
  - 5. The application service server of claim 2, wherein,when the integration ID login information is received, the first controller controls creation of the service token on the basis of the single sign-on token provided by the single sign-on service server and provision of the single sign-on token, a one-time access key, the service token, and the application function support data to the specific application of the terminal, andwhen the session inquiry message is received, the first controller controls creation of the service token on the basis of the integration service token provided by the single sign-on service server and provision of the service token to the specific application of the terminal.
  - 6. The application service server of claim 2, wherein, when a service token termination request message is received from the specific application of the terminal, the first controller controls provision of a service token termination response message for logging out of the application service to the terminal.
  - 7. The application service server of claim 2, wherein,when the service token and a single sign-on token termination request message is received from the specific application of the terminal, the first controller controls provision of the token termination request message to the single sign-on service server, andwhen a response message corresponding to the token termination request message is received, the first controller controls provision of the service token and the single sign-on token termination response message to the terminal.
  - 8. The application service server of claim 2, wherein, when a web browser completion or web browser-based single sign-on cookie termination request message is received, the first controller controls provision of the web browser completion or web browser-based single sign-on cookie termination request message to the single sign-on service server and provision of a response message corresponding to the request message to the terminal.

9. A single sign-on service server, comprising:
- a first communication interface that establishes a communication channel with at least one application service server and receives a single sign-on session request message and a single sign-on session examination message transmitted by a specific application of a terminal through the application service server;
  
  a first storage that stores a single sign-on token provided to the terminal to support a single sign-on allowing access to a specific application service server without separately inputting sign-on information; and
  
  a first controller that controls provision of the single sign-on token to the terminal through the application service server when the single sign-on session request message is received and provision of a single sign-on token-based integration service number to the application service server when the single sign-on session examination message is received.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The single sign-on service server of claim 9, wherein, when a single sign-on token termination request message is received from the application service server, the first controller controls provision of a response message corresponding to the single sign-on token termination to the application service server.
  - 11. The single sign-on service server of claim 9, wherein, when a single sign-on session request message is received for creating single sign-on cookie information to be provided to a web browser of the terminal, the first controller controls provision of a single sign-on token and a one-time access key corresponding to the single sign-on session request message to the terminal through the application service, and provision of the single sign-on cookie information to the web browser performing access through the one-time access key.
  - 12. The single sign-on service server of claim 11, wherein the first controller controls deletion of the one-time access key after the web browser performs access on the basis of the one-time access key.
  - 13. The single sign-on service server of claim 11, wherein,when an application single sign-on message composed by using single sign-on cookie information provided by the web browser of the terminal is received, the first controller controls provision of an integration service number corresponding to the application single sign-on message to the application service server, andwhen a single sign-on cookie termination message is received from the web browser of the terminal, the first controller controls provision of a response message corresponding to the single sign-on cookie termination request message to the web browser and deletion of the single sign-on cookie information stored in the first storage.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SK Planet Co., Ltd. (SK Telecom Co., Ltd.)
Original Assignee
SK Planet Co., Ltd. (SK Telecom Co., Ltd.)
Inventors
Ju, Jaeyoung, Ko, Kyungwan, Um, Bongsu
Primary Examiner(s)
LEWIS, LISA C

Application Number

US14/348,730
Publication Number

US 20140282983A1
Time in Patent Office

798 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/0815   providing single-sign-on or...

H04L 63/0823   using certificates cryptogr...

H04W 12/068   using credential vaults, e....

Single certificate service system and operational method thereof

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Single certificate service system and operational method thereof

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links